Skip to content

Commit

Permalink
issue permissions
Browse files Browse the repository at this point in the history
  • Loading branch information
@jardakotesovec
jardakotesovec committed Jun 13, 2024
1 parent 2eb513f commit e3931ea
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 0 deletions.
2 changes: 2 additions & 0 deletions classes/security/authorization/OjsIssueRequiredPolicy.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,8 @@ public function dataObjectEffect()
Role::ROLE_ID_MANAGER,
Role::ROLE_ID_SUB_EDITOR,
Role::ROLE_ID_ASSISTANT,
Role::ROLE_ID_REVIEWER,
Role::ROLE_ID_AUTHOR
]
)) == 0) {
return AuthorizationPolicy::AUTHORIZATION_DENY;
Expand Down
3 changes: 3 additions & 0 deletions classes/security/authorization/OjsJournalMustPublishPolicy.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,13 +43,16 @@ public function effect()
if (!$this->_context) {
return AuthorizationPolicy::AUTHORIZATION_DENY;
}
return AuthorizationPolicy::AUTHORIZATION_PERMIT;

// Certain roles are allowed to see unpublished content.
$userRoles = (array) $this->getAuthorizedContextObject(Application::ASSOC_TYPE_USER_ROLES);
if (count(array_intersect(
$userRoles,
[
Role::ROLE_ID_MANAGER,
Role::ROLE_ID_REVIEWER,
Role::ROLE_ID_AUTHOR,
Role::ROLE_ID_SITE_ADMIN,
Role::ROLE_ID_ASSISTANT,
Role::ROLE_ID_SUB_EDITOR,
Expand Down

0 comments on commit e3931ea

Please sign in to comment.